<?php


session_start();

		if (isset($_REQUEST['user_login'])) {
			$user_login = $_REQUEST['user_login'];
		}
		else {
			$user_login = "";
		} 
		
		if (isset($_REQUEST['password'])) {
			$password = $_REQUEST['password'];
		}
		else {
			$password = "";
		} 
		
		if (isset($_REQUEST['referrer'])) {
			$referrer = $_REQUEST['referrer'];
		}
		else {
			$referrer = "";
		} 
		
		if (isset($_REQUEST['logmode'])) {
			$logmode = $_REQUEST['logmode'];
		}
		else {
			$logmode = "";
		} 		
		
include_once "%connectinclude%";
	include_once "commonctls.php";
	
	
	if($logmode == 'Login') {
		
		session_register('user_is_logged_in');
	
		$login_id = lookup_value("user_id", "users_names"," user_login = '" . $user_login . "'");
		//print "user_id='".$login_id."'" . "\nUser ID is: " . $user_id;
	
		$stored_pass = lookup_value("password", "users_names"," user_id = " . $login_id );
		//print "\nStoredPass  is: " . $stored_pass;
		
		if($password == $stored_pass)
		{
			
			//print "You are logged in";
			$_SESSION['user_is_logged_in'] = 1;
			session_register('user_is_logged_in');
			
			$qry_get_permissions = "SELECT page_name, permission FROM users_pages WHERE user_id = $login_id";
			$get_permissions_list = mysql_query($qry_get_permissions) or die(mysql_error());
			$_SESSION['test'] = "Works";
			$_SESSION['user_id'] = $login_id;
			$_SESSION['user_name'] = $user_login;
			while($resultsarray = mysql_fetch_assoc($get_permissions_list)) {
				$curr_element = $resultsarray['page_name'];
				$curr_permission = $resultsarray['permission'];
				//print "Current element = $curr_element = $curr_permission \n"; 
				//session_register($curr_element);
				
				$_SESSION[$curr_element] = $curr_permission;
			
			}
			
			
			//$url = parse_url($_SERVER["HTTP_REFERER"]);
			//$path = dirname($_SERVER["REQUEST_URI"]);
			header ("Location: ".$referrer);
			
			
			}
		else {
		$user_is_logged_in = 0;
		$_SESSION['user_is_logged_in'] = 0;
		print "you are not logged in";
		}
		
	}
	
	if($logmode == 'Logout') {
	$_SESSION['user_is_logged_in'] = 0;
	
		$qry_get_permissions = "SELECT DISTINCT page_name FROM users_pages WHERE 1";
		$get_permissions_list = mysql_query($qry_get_permissions) or die(mysql_error());

		while($resultsarray = mysql_fetch_assoc($get_permissions_list)) {
			$curr_element = $resultsarray['page_name'];
			unset($_SESSION[$curr_element]);
		}
		session_destroy();

	}

?>

<html>
<head>
<title>Project Login Page</title>

</head>
<body>
<h2>Please Login to Project Database</h2>
<br>
<form action="login.php" method="GET" name="loginform">
<p><input type="hidden" name="referrer" value="<?php print $referrer ?>"> </p>
<p>Enter Login:    <input type="text" name="user_login" value="<?php print $user_login ?>"></p>
<p>Enter Password: <input type="password" name="password" value="<?php print $password ?>"></p>
<p><input type="submit" name="logmode" value="Login">
</form>